Field of the Invention
The present invention relates to an innovative system and method for securing payments or transactions made with a smart card, and for validating the identity of the smart card holder using a client/server biometric control operation, regardless of whether these payments or transactions are made directly at the point of sale or from a PC (personal computer or shared open-access computer) connected to the Internet, or using a cell phone, a portable computer (also known as a laptop), a PDA (Personal Digital Assistant), or any other computer or mobile or fixed means that can connect via any telecommunication network and carry out a transaction involving biometrics from the point generating said transaction. The present invention also relates to smart-card-holding employees of financial institutions who perform professional inter-bank transfers. This invention can also be used for electronic funds transfers between countries, between groups of countries, between groups of countries and countries and between international organizations and countries.
The present invention is designed in the form of a client/server-type system for authenticating the identity of a smart card holder, dually based on the use of the smart card and, on the identification of the holder i) by means of biometric data stored on an extended memory smart card, and ii) by comparison with biometric data from an external, remote database that is secured and operated by the authentication third party or by the financial institution.
Description of Related Art
Nowadays, around the world, payments or transactions are normally made using a magnetic-stripe card, with the transaction slip that is issued requiring a signature as part of the act of purchasing. In some countries, the signature is replaced by a multiple-digit PIN code, which is compared with that resident in the smart card memory.
Given the very strong volume in growth worldwide of purchase transactions or financial transfers, involving cards with or without microprocessors as the medium, more and more payments or transactions can be subject to fraud, having some transactions not requiring a PIN code. Although the PIN code ensures better security than the signature alone on the purchase slip, it risks being cloned or stolen from its owner.
Also, at present, card holders, regardless of whether the cards are smart or not, are identified by their personal proof of identification (personal ID); it has been observed that numerous card frauds, whether the card is smart or otherwise, occur with the issue of multiple cards by different financial institutions to a single individual, without it being possible to correlate and verify his identity in the form in which it is supplied today to the issuing financial institutions. Among other things, these frauds are due to the use of false papers, identity cloning in all its forms, or even the simple physical theft of cards, smart or otherwise, blank or already assigned.